diff --git a/testsuite/integration-arquillian/test-apps/photoz/photoz-html5-client/src/main/webapp/index.html b/testsuite/integration-arquillian/test-apps/photoz/photoz-html5-client/src/main/webapp/index.html
index 692e05d174..a66fcdceed 100755
--- a/testsuite/integration-arquillian/test-apps/photoz/photoz-html5-client/src/main/webapp/index.html
+++ b/testsuite/integration-arquillian/test-apps/photoz/photoz-html5-client/src/main/webapp/index.html
@@ -31,6 +31,7 @@
     <div id="content" ng-view/>
 </div>
 
+<div style="display: none;" id="bearer"></div>
 <pre style="background-color: #ddd; border: 1px solid #ccc; padding: 10px;" id="output"></pre>
 
 </body>
diff --git a/testsuite/integration-arquillian/test-apps/photoz/photoz-html5-client/src/main/webapp/js/app.js b/testsuite/integration-arquillian/test-apps/photoz/photoz-html5-client/src/main/webapp/js/app.js
index 3d2ed43afa..f6df2cbf32 100755
--- a/testsuite/integration-arquillian/test-apps/photoz/photoz-html5-client/src/main/webapp/js/app.js
+++ b/testsuite/integration-arquillian/test-apps/photoz/photoz-html5-client/src/main/webapp/js/app.js
@@ -166,8 +166,10 @@ module.factory('authInterceptor', function ($q, $injector, $timeout, Identity) {
             if (Identity.authorization && Identity.authorization.rpt && request.url.indexOf('/authorize') == -1) {
                 retries = 0;
                 request.headers.Authorization = 'Bearer ' + Identity.authorization.rpt;
+                document.getElementById("bearer").innerHTML = 'rpt: Bearer ' + Identity.authorization.rpt;
             } else {
                 request.headers.Authorization = 'Bearer ' + Identity.authc.token;
+                document.getElementById("bearer").innerHTML = 'authc: Bearer ' + Identity.authc.token;
             }
             return request;
         },
diff --git a/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/album/AlbumService.java b/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/album/AlbumService.java
index 90704168f0..94feb72654 100644
--- a/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/album/AlbumService.java
+++ b/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/album/AlbumService.java
@@ -3,19 +3,14 @@ package org.keycloak.example.photoz.album;
 import org.keycloak.KeycloakSecurityContext;
 import org.keycloak.authorization.client.AuthzClient;
 import org.keycloak.authorization.client.ClientAuthorizationContext;
-import org.keycloak.authorization.client.Configuration;
 import org.keycloak.authorization.client.representation.ResourceRepresentation;
 import org.keycloak.authorization.client.representation.ScopeRepresentation;
 import org.keycloak.authorization.client.resource.ProtectionResource;
-import org.keycloak.example.photoz.ErrorResponse;
 import org.keycloak.example.photoz.entity.Album;
 import org.keycloak.example.photoz.util.Transaction;
-import org.keycloak.representations.adapters.config.AdapterConfig;
-import org.keycloak.util.JsonSerialization;
 
 import javax.inject.Inject;
 import javax.persistence.EntityManager;
-import javax.persistence.Query;
 import javax.servlet.http.HttpServletRequest;
 import javax.ws.rs.Consumes;
 import javax.ws.rs.DELETE;
@@ -28,16 +23,16 @@ import javax.ws.rs.QueryParam;
 import javax.ws.rs.core.Context;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.Status;
-import java.security.Principal;
 import java.util.HashSet;
 import java.util.List;
-import java.util.Set;
+import javax.ws.rs.core.HttpHeaders;
+import org.jboss.logging.Logger;
 
 @Path("/album")
 @Transaction
 public class AlbumService {
 
-    private static volatile long nextId = 0;
+    private final Logger log = Logger.getLogger(AlbumService.class);
 
     public static final String SCOPE_ALBUM_VIEW = "album:view";
     public static final String SCOPE_ALBUM_DELETE = "album:delete";
@@ -50,33 +45,35 @@ public class AlbumService {
 
     @POST
     @Consumes("application/json")
-    public Response create(Album newAlbum, @QueryParam("user") String username) {
-        newAlbum.setId(++nextId);
-
-        if (username == null) {
-            username = request.getUserPrincipal().getName();
+    public Response create(Album newAlbum, @QueryParam("user") String invalidUser, @Context HttpHeaders headers) {
+        printAuthHeaders(headers);
+        
+        String userId = request.getUserPrincipal().getName();
+        
+        if (invalidUser != null) {
+            userId = invalidUser;
         }
+        
+        newAlbum.setUserId(userId);
 
-        newAlbum.setUserId(username);
-        Query queryDuplicatedAlbum = this.entityManager.createQuery("from Album where name = :name and userId = :userId");
-
-        queryDuplicatedAlbum.setParameter("name", newAlbum.getName());
-        queryDuplicatedAlbum.setParameter("userId", username);
-
-        if (!queryDuplicatedAlbum.getResultList().isEmpty()) {
-            throw new ErrorResponse("Name [" + newAlbum.getName() + "] already taken. Choose another one.", Status.CONFLICT);
+        log.debug("PERSISTING " + newAlbum);
+        entityManager.persist(newAlbum);
+        try {
+            createProtectedResource(newAlbum);
+        } catch (RuntimeException e) {
+            log.debug("ERROR " + e);
+            entityManager.remove(newAlbum);
+            throw e;
         }
 
-        this.entityManager.persist(newAlbum);
-
-        createProtectedResource(newAlbum);
-
         return Response.ok(newAlbum).build();
     }
 
     @Path("{id}")
     @DELETE
-    public Response delete(@PathParam("id") String id) {
+    public Response delete(@PathParam("id") String id, @Context HttpHeaders headers) {
+        printAuthHeaders(headers);
+        
         Album album = this.entityManager.find(Album.class, Long.valueOf(id));
 
         try {
@@ -113,6 +110,7 @@ public class AlbumService {
     }
 
     private void createProtectedResource(Album album) {
+        log.debug("Creating ProtectedResource for " + album);
         try {
             HashSet<ScopeRepresentation> scopes = new HashSet<>();
 
@@ -145,7 +143,7 @@ public class AlbumService {
             }
 
             protection.resource().delete(search.get(0).getId());
-        } catch (Exception e) {
+        } catch (RuntimeException e) {
             throw new RuntimeException("Could not search protected resource.", e);
         }
     }
@@ -161,4 +159,11 @@ public class AlbumService {
     private KeycloakSecurityContext getKeycloakSecurityContext() {
         return KeycloakSecurityContext.class.cast(request.getAttribute(KeycloakSecurityContext.class.getName()));
     }
+
+    private void printAuthHeaders(HttpHeaders headers) {
+        log.debug("-----------------Authorization headers--------------------------");
+        for (String authHeader : headers.getRequestHeader(HttpHeaders.AUTHORIZATION)) {
+            log.debug(authHeader);
+        }
+    }
 }
\ No newline at end of file
diff --git a/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/entity/Album.java b/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/entity/Album.java
index f887e2a129..6eadcbfc96 100644
--- a/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/entity/Album.java
+++ b/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/entity/Album.java
@@ -17,24 +17,30 @@
  */
 package org.keycloak.example.photoz.entity;
 
+import java.io.Serializable;
 import javax.persistence.Column;
 import javax.persistence.Entity;
 import javax.persistence.FetchType;
 import javax.persistence.GeneratedValue;
 import javax.persistence.Id;
 import javax.persistence.OneToMany;
-import javax.persistence.GenerationType;
 import javax.persistence.Transient;
 import java.util.ArrayList;
 import java.util.List;
+import javax.persistence.Table;
+import javax.persistence.UniqueConstraint;
 
 /**
  * @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
  */
 @Entity
-public class Album {
+@Table(uniqueConstraints = {
+    @UniqueConstraint(columnNames = {"name", "userId"})
+})
+public class Album implements Serializable {
 
     @Id
+    @GeneratedValue
     private Long id;
 
     @Column(nullable = false)
@@ -88,4 +94,9 @@ public class Album {
     public void setUserManaged(boolean userManaged) {
         this.userManaged = userManaged;
     }
+
+    @Override
+    public String toString() {
+        return "Album{" + "id=" + id + ", name=" + name + ", userId=" + userId + '}';
+    }
 }
diff --git a/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/entity/Photo.java b/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/entity/Photo.java
index 08b7495f73..1161807a83 100644
--- a/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/entity/Photo.java
+++ b/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/entity/Photo.java
@@ -17,6 +17,7 @@
  */
 package org.keycloak.example.photoz.entity;
 
+import java.io.Serializable;
 import javax.persistence.Basic;
 import javax.persistence.Column;
 import javax.persistence.Entity;
@@ -30,7 +31,7 @@ import javax.persistence.ManyToOne;
  * @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
  */
 @Entity
-public class Photo {
+public class Photo implements Serializable {
 
     @Id
     @GeneratedValue
diff --git a/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/unsecured/UnsecuredService.java b/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/unsecured/UnsecuredService.java
new file mode 100644
index 0000000000..ff07d37e7a
--- /dev/null
+++ b/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/unsecured/UnsecuredService.java
@@ -0,0 +1,54 @@
+/*
+ * Copyright 2018 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.keycloak.example.photoz.unsecured;
+
+
+import javax.inject.Inject;
+import javax.persistence.EntityManager;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.Response;
+import javax.ws.rs.GET;
+import org.jboss.logging.Logger;
+
+/**
+ * Service used to ensure there is clean DB before test 
+ * 
+ * @author <a href="mailto:vramik@redhat.com">Vlastislav Ramik</a>
+ */
+@Path("/unsecured/clean")
+public class UnsecuredService {
+
+    private final Logger log = Logger.getLogger(UnsecuredService.class);
+
+    @Inject
+    private EntityManager entityManager;
+
+    @GET
+    @Produces("application/json")
+    public Response cleanAll() {
+        int deletedAlbums = entityManager.createQuery("delete from Album").executeUpdate();
+        int deletedPhotos = entityManager.createQuery("delete from Photo").executeUpdate();
+        
+        if (deletedAlbums != 0 || deletedPhotos != 0) {
+            log.warnf("Database was not empty. Deleted {0} Albums, {1} Photos", deletedAlbums, deletedPhotos);
+        } else {
+            log.debug("Database was clean before test");
+        }
+        return Response.ok().build();
+    }
+}
diff --git a/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/util/TransactionInterceptor.java b/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/util/TransactionInterceptor.java
index 36d35f319b..be602486aa 100644
--- a/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/util/TransactionInterceptor.java
+++ b/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/util/TransactionInterceptor.java
@@ -35,7 +35,7 @@ public class TransactionInterceptor {
     private Instance<EntityManager> entityManager;
 
     @AroundInvoke
-    public Object aroundInvoke(InvocationContext context) {
+    public Object aroundInvoke(InvocationContext context) throws Exception {
         EntityManager entityManager = this.entityManager.get();
         EntityTransaction transaction = entityManager.getTransaction();
 
diff --git a/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/resources/META-INF/persistence.xml b/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/resources/META-INF/persistence.xml
index 8b6d226720..369d82100d 100644
--- a/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/resources/META-INF/persistence.xml
+++ b/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/resources/META-INF/persistence.xml
@@ -15,8 +15,8 @@
 			<property name="hibernate.connection.driver_class" value="org.h2.Driver" />
 			<property name="hibernate.connection.url" value="jdbc:h2:mem:test-keycloak-photoz-example" />
 			<property name="hibernate.connection.user" value="sa" />
-			<property name="hibernate.flushMode" value="FLUSH_AUTO" />
-			<property name="hibernate.hbm2ddl.auto" value="update" />
+			<property name="hibernate.flushMode" value="COMMIT" />
+			<property name="hibernate.hbm2ddl.auto" value="create-drop" />
 			<property name="hibernate.show_sql" value="false" />
 		</properties>
 	</persistence-unit>
diff --git a/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/resources/META-INF/beans.xml b/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/webapp/WEB-INF/beans.xml
similarity index 100%
rename from testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/resources/META-INF/beans.xml
rename to testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/webapp/WEB-INF/beans.xml
diff --git a/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/webapp/WEB-INF/web.xml b/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/webapp/WEB-INF/web.xml
index 34cf6bd6a1..508bc72747 100644
--- a/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/webapp/WEB-INF/web.xml
+++ b/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/webapp/WEB-INF/web.xml
@@ -1,41 +1,47 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <web-app xmlns="http://java.sun.com/xml/ns/javaee"
-      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-      xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
-      version="3.0">
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+         version="3.0">
 
-	<module-name>photoz-restful-api</module-name>
+    <module-name>photoz-restful-api</module-name>
 
-	<security-constraint>
-		<web-resource-collection>
-			<web-resource-name>All Resources</web-resource-name>
-			<url-pattern>/*</url-pattern>
-		</web-resource-collection>
-		<auth-constraint>
-			<role-name>user</role-name>
-		</auth-constraint>
-	</security-constraint>
+    <security-constraint>
+        <web-resource-collection>
+            <web-resource-name>All Resources</web-resource-name>
+            <url-pattern>/*</url-pattern>
+        </web-resource-collection>
+        <auth-constraint>
+            <role-name>user</role-name>
+        </auth-constraint>
+    </security-constraint>
 
-	<security-constraint>
-		<web-resource-collection>
-			<web-resource-name>All Resources</web-resource-name>
-			<url-pattern>/*</url-pattern>
-		</web-resource-collection>
-		<auth-constraint>
-			<role-name>admin</role-name>
-		</auth-constraint>
-	</security-constraint>
+    <security-constraint>
+        <web-resource-collection>
+            <web-resource-name>All Resources</web-resource-name>
+            <url-pattern>/*</url-pattern>
+        </web-resource-collection>
+        <auth-constraint>
+            <role-name>admin</role-name>
+        </auth-constraint>
+    </security-constraint>
+    <security-constraint>
+        <web-resource-collection>
+            <web-resource-name>Unsecured</web-resource-name>
+            <url-pattern>/unsecured/*</url-pattern>
+        </web-resource-collection>
+    </security-constraint>
 
-	<login-config>
-		<auth-method>KEYCLOAK</auth-method>
-		<realm-name>photoz</realm-name>
-	</login-config>
+    <login-config>
+        <auth-method>KEYCLOAK</auth-method>
+        <realm-name>photoz</realm-name>
+    </login-config>
 
-	<security-role>
-		<role-name>admin</role-name>
-	</security-role>
+    <security-role>
+        <role-name>admin</role-name>
+    </security-role>
 
-	<security-role>
-		<role-name>user</role-name>
-	</security-role>
+    <security-role>
+        <role-name>user</role-name>
+    </security-role>
 </web-app>
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/PhotozClientAuthzTestApp.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/PhotozClientAuthzTestApp.java
index 1f61268ef2..f87d481a37 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/PhotozClientAuthzTestApp.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/PhotozClientAuthzTestApp.java
@@ -27,10 +27,11 @@ import org.keycloak.testsuite.util.URLUtils;
 import org.openqa.selenium.By;
 import org.openqa.selenium.WebElement;
 import org.openqa.selenium.support.FindBy;
-import org.openqa.selenium.support.ui.Select;
 
 import java.net.URL;
 
+import static org.hamcrest.Matchers.containsString;
+import static org.junit.Assert.assertThat;
 import static org.keycloak.testsuite.util.WaitUtils.pause;
 import static org.keycloak.testsuite.util.WaitUtils.waitForPageToLoad;
 import static org.keycloak.testsuite.util.WaitUtils.waitUntilElement;
@@ -82,12 +83,26 @@ public class PhotozClientAuthzTestApp extends AbstractPageWithInjectedUrl {
     }
 
     public void createAlbum(String name, String buttonId) {
+        log.debugf("Creating album {0} with buttonId: {1}", name, buttonId);
         navigateTo();
-        this.driver.findElement(By.id("create-album")).click();
-        Form.setInputValue(this.driver.findElement(By.id("album.name")), name);
+        WebElement createAlbum = driver.findElement(By.id("create-album"));
+        waitUntilElement(createAlbum).is().clickable();
+        createAlbum.click();
+        WebElement albumNameInput = driver.findElement(By.id("album.name"));
+        waitUntilElement(albumNameInput).is().present();
+        Form.setInputValue(albumNameInput, name);
         pause(200); // We need to wait a bit for the form to "accept" the input (otherwise it registers the input as empty)
-        this.driver.findElement(By.id(buttonId)).click();
+        waitUntilElement(albumNameInput).attribute(Form.VALUE).contains(name);
+        WebElement button = driver.findElement(By.id(buttonId));
+        waitUntilElement(button).is().clickable();
+        button.click();
         pause(WAIT_AFTER_OPERATION);
+        if (buttonId.equals("save-album-invalid")) {
+            waitForPageToLoad();
+            assertThat(driver.getPageSource(), containsString("Could not register protected resource."));
+        } else {
+            waitUntilElement(albumNameInput).is().not().present();
+        }
     }
 
     public void createAlbumWithInvalidUser(String name) {
@@ -99,32 +114,51 @@ public class PhotozClientAuthzTestApp extends AbstractPageWithInjectedUrl {
         return this.url;
     }
 
-    public void deleteAlbum(String name) {
-        driver.findElements(By.xpath("//a[text()='" + name + "']/following-sibling::a[text()='X']")).forEach(WebElement::click);
+    public void deleteAlbum(String name, boolean shouldBeDenied) {
+        log.debugf("Deleting album {0}", name);
+        WebElement delete = driver.findElement(By.id("delete-" + name));
+        waitUntilElement(delete).is().clickable();
+        delete.click();
         pause(WAIT_AFTER_OPERATION);
+        if (shouldBeDenied) {
+            waitForDenial();
+        } else {
+            waitUntilElement(delete).is().not().present();
+        }
     }
 
-    public void navigateToAdminAlbum() {
+    public void navigateToAdminAlbum(boolean shouldBeDenied) {
+        log.debug("Navigating to Admin Album");
         URLUtils.navigateToUri(toString() + "/#/admin/album", true);
+        
         driver.navigate().refresh(); // This is sometimes necessary for loading the new policy settings
         waitForPageToLoad();
         pause(WAIT_AFTER_OPERATION);
+        if (shouldBeDenied) {
+            waitForDenial();
+        } else {
+            waitUntilElement(output).text().equalTo("");
+        }
     }
 
     public void logOut() {
-        waitUntilElement(signOutButton); // Sometimes doesn't work in PhantomJS!
+        waitUntilElement(signOutButton).is().clickable(); // Sometimes doesn't work in PhantomJS!
         signOutButton.click();
         pause(WAIT_AFTER_OPERATION);
     }
     
     public void requestEntitlement() {
+        waitUntilElement(entitlement).is().clickable();
         entitlement.click();
+        waitForPageToLoad();
         pause(WAIT_AFTER_OPERATION);
         pause(WAIT_AFTER_OPERATION);
     }
     
     public void requestEntitlements() {
+        waitUntilElement(entitlements).is().clickable();
         entitlements.click();
+        waitForPageToLoad();
         pause(WAIT_AFTER_OPERATION);
         pause(WAIT_AFTER_OPERATION);
     }
@@ -168,7 +202,8 @@ public class PhotozClientAuthzTestApp extends AbstractPageWithInjectedUrl {
         }
 
         this.loginPage.form().login(username, password);
-
+        waitForPageToLoad();//guess
+        
         // simple check if we are at the consent page, if so just click 'Yes'
         if (this.consentPage.isCurrent()) {
             consentPage.confirm();
@@ -177,12 +212,8 @@ public class PhotozClientAuthzTestApp extends AbstractPageWithInjectedUrl {
         pause(WAIT_AFTER_OPERATION);
     }
 
-    public boolean wasDenied() {
-        return this.driver.findElement(By.id("output")).getText().contains("You can not access");
-    }
-
-    public void viewAlbum(String name) throws InterruptedException {
-        viewAlbum(name, true);
+    private void waitForDenial() {
+        waitUntilElement(output).text().contains("You can not access");
     }
 
     public void viewAllAlbums() {
@@ -190,83 +221,130 @@ public class PhotozClientAuthzTestApp extends AbstractPageWithInjectedUrl {
         pause(WAIT_AFTER_OPERATION);
     }
 
-    public void viewAlbum(String name, boolean refresh) throws InterruptedException {
-        this.driver.findElement(By.xpath("//a[text() = '" + name + "']")).click();
+    public void viewAlbum(String name, boolean shouldBeDenied) {
+        WebElement viewalbum = driver.findElement(By.xpath("//a[text() = '" + name + "']"));
+        waitUntilElement(viewalbum).is().clickable();
+        viewalbum.click();
+        waitForPageToLoad();
+        if (shouldBeDenied) waitForDenial();
+        driver.navigate().refresh(); // This is sometimes necessary for loading the new policy settings
         waitForPageToLoad();
-        if (refresh) {
-            driver.navigate().refresh(); // This is sometimes necessary for loading the new policy settings
-        }
         pause(WAIT_AFTER_OPERATION);
     }
 
-    public void accountPage() throws InterruptedException {
+    public void accountPage() {
         navigateTo();
-        this.driver.findElement(By.id("my-account")).click();
+        WebElement myAccount = driver.findElement(By.id("my-account"));
+        waitUntilElement(myAccount).is().clickable();
+        myAccount.click();
+        waitForPageToLoad();
         pause(WAIT_AFTER_OPERATION);
     }
 
-    public void accountMyResources() throws InterruptedException {
+    public void accountMyResources() {
         accountPage();
-        this.driver.findElement(By.xpath("//a[text() = 'My Resources']")).click();
+        WebElement myResources = driver.findElement(By.xpath("//a[text() = 'My Resources']"));
+        waitUntilElement(myResources).is().clickable();
+        myResources.click();
         waitForPageToLoad();
         pause(WAIT_AFTER_OPERATION);
     }
 
-    public void accountMyResource(String name) throws InterruptedException {
+    public void accountMyResource(String name) {
         accountMyResources();
-        this.driver.findElement(By.id("detail-" + name)).click();
+        WebElement myResource = driver.findElement(By.id("detail-" + name));
+        waitUntilElement(myResource).is().clickable();
+        myResource.click();
         waitForPageToLoad();
         pause(WAIT_AFTER_OPERATION);
     }
 
-    public void accountGrantResource(String name, String requester) throws InterruptedException {
+    public void accountGrantResource(String name, String requester) {
         accountMyResources();
-        this.driver.findElement(By.id("grant-" + name + "-" + requester)).click();
+        WebElement grantResource = driver.findElement(By.id("grant-" + name + "-" + requester));
+        waitUntilElement(grantResource).is().clickable();
+        grantResource.click();
         waitForPageToLoad();
+        pause(WAIT_AFTER_OPERATION);
     }
 
-    public void accountGrantRemoveScope(String name, String requester, String scope) throws InterruptedException {
+    public void accountGrantRemoveScope(String name, String requester, String scope) {
         accountMyResources();
-        this.driver.findElement(By.id("grant-remove-scope-" + name + "-" + requester + "-" + scope)).click();
+        WebElement grantRemoveScope = driver.findElement(By.id("grant-remove-scope-" + name + "-" + requester + "-" + scope));
+        waitUntilElement(grantRemoveScope).is().clickable();
+        grantRemoveScope.click();
         waitForPageToLoad();
+        pause(WAIT_AFTER_OPERATION);
     }
 
-    public void accountRevokeResource(String name, String requester) throws InterruptedException {
+    public void accountRevokeResource(String name, String requester) {
         accountMyResource(name);
-        this.driver.findElement(By.id("revoke-" + name + "-" + requester)).click();
+        WebElement revokeResource = driver.findElement(By.id("revoke-" + name + "-" + requester));
+        waitUntilElement(revokeResource).is().clickable();
+        revokeResource.click();
         waitForPageToLoad();
+        pause(WAIT_AFTER_OPERATION);
     }
 
-    public void accountShareResource(String name, String user) throws InterruptedException {
+    public void accountShareResource(String name, String user) {
         accountMyResource(name);
-        this.driver.findElement(By.id("user_id")).sendKeys(user);
-        this.driver.findElement(By.id("share-button")).click();
+        WebElement userIdInput = driver.findElement(By.id("user_id"));
+        Form.setInputValue(userIdInput, user);
+        pause(200); // We need to wait a bit for the form to "accept" the input (otherwise it registers the input as empty)
+        waitUntilElement(userIdInput).attribute(Form.VALUE).contains(user);
+        
+        WebElement shareButton = driver.findElement(By.id("share-button"));
+        waitUntilElement(shareButton).is().clickable();
+        shareButton.click();
         waitForPageToLoad();
+        pause(WAIT_AFTER_OPERATION);
     }
 
-    public void accountShareRemoveScope(String name, String user, String scope) throws InterruptedException {
+    public void accountShareRemoveScope(String name, String user, String scope) {
         accountMyResource(name);
-        this.driver.findElement(By.id("user_id")).sendKeys(user);
-        this.driver.findElement(By.id("share-remove-scope-" + name + "-" + scope)).click();
-        this.driver.findElement(By.id("share-button")).click();
+        
+        WebElement userIdInput = driver.findElement(By.id("user_id"));
+        Form.setInputValue(userIdInput, user);
+        pause(200); // We need to wait a bit for the form to "accept" the input (otherwise it registers the input as empty)
+        waitUntilElement(userIdInput).attribute(Form.VALUE).contains(user);
+        
+        WebElement shareRemoveScope = driver.findElement(By.id("share-remove-scope-" + name + "-" + scope));
+        waitUntilElement(shareRemoveScope).is().clickable();
+        shareRemoveScope.click();
         waitForPageToLoad();
+        
+        WebElement shareButton = driver.findElement(By.id("share-button"));
+        waitUntilElement(shareButton).is().clickable();
+        shareButton.click();
+        
+        waitForPageToLoad();
+        pause(WAIT_AFTER_OPERATION);
     }
 
-    public void accountDenyResource(String name) throws InterruptedException {
+    public void accountDenyResource(String name) {
         accountMyResource(name);
-        this.driver.findElement(By.xpath("//a[text() = 'Deny']")).click();
+        WebElement denyLink = driver.findElement(By.linkText("Deny"));
+        waitUntilElement(denyLink).is().clickable();
+        denyLink.click();
         waitForPageToLoad();
+        pause(WAIT_AFTER_OPERATION);
     }
 
-    public void requestResourceProtectedAnyScope() throws InterruptedException {
+    public void requestResourceProtectedAnyScope(boolean shouldBeDenied) {
         navigateTo();
-        this.driver.findElement(By.id("requestPathWithAnyProtectedScope")).click();
+        WebElement requestPathWithAnyProtectedScope = driver.findElement(By.id("requestPathWithAnyProtectedScope"));
+        waitUntilElement(requestPathWithAnyProtectedScope).is().clickable();
+        requestPathWithAnyProtectedScope.click();
+        if (shouldBeDenied) waitForDenial();
         pause(WAIT_AFTER_OPERATION);
     }
 
-    public void requestResourceProtectedAllScope() throws InterruptedException {
+    public void requestResourceProtectedAllScope(boolean shouldBeDenied) {
         navigateTo();
-        this.driver.findElement(By.id("requestPathWithAllProtectedScope")).click();
+        WebElement requestPathWithAllProtectedScope = driver.findElement(By.id("requestPathWithAllProtectedScope"));
+        waitUntilElement(requestPathWithAllProtectedScope).is().clickable();
+        requestPathWithAllProtectedScope.click();
+        if (shouldBeDenied) waitForDenial();
         pause(WAIT_AFTER_OPERATION);
     }
 
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozExampleAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozExampleAdapterTest.java
index a7cded4223..4cc9d4a606 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozExampleAdapterTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozExampleAdapterTest.java
@@ -16,7 +16,11 @@
  */
 package org.keycloak.testsuite.adapter.example.authorization;
 
+import static org.hamcrest.Matchers.empty;
+import static org.hamcrest.Matchers.is;
+import static org.hamcrest.Matchers.not;
 import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertThat;
 import static org.junit.Assert.assertTrue;
 import static org.keycloak.testsuite.util.IOUtil.loadJson;
 import static org.keycloak.testsuite.util.IOUtil.loadRealm;
@@ -31,14 +35,18 @@ import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
-import java.util.function.Predicate;
 import java.util.stream.Collectors;
+import org.apache.http.client.methods.HttpGet;
+import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.impl.client.HttpClientBuilder;
+import org.apache.http.impl.client.LaxRedirectStrategy;
 
 import org.jboss.arquillian.container.test.api.Deployer;
 import org.jboss.arquillian.container.test.api.Deployment;
 import org.jboss.arquillian.graphene.page.Page;
 import org.jboss.arquillian.test.api.ArquillianResource;
 import org.jboss.shrinkwrap.api.spec.WebArchive;
+import org.junit.After;
 import org.junit.Before;
 import org.junit.BeforeClass;
 import org.junit.Test;
@@ -68,7 +76,7 @@ public abstract class AbstractPhotozExampleAdapterTest extends AbstractExampleAd
 
     private static final String REALM_NAME = "photoz";
     private static final String RESOURCE_SERVER_ID = "photoz-restful-api";
-    private static int TOKEN_LIFESPAN_LEEWAY = 3; // seconds
+    private static final int TOKEN_LIFESPAN_LEEWAY = 3; // seconds
 
     @ArquillianResource
     private Deployer deployer;
@@ -86,8 +94,19 @@ public abstract class AbstractPhotozExampleAdapterTest extends AbstractExampleAd
     public static void enabled() { ProfileAssume.assumePreview(); }
 
     @Before
-    public void beforePhotozExampleAdapterTest() throws FileNotFoundException {
+    public void beforePhotozExampleAdapterTest() throws Exception {
         deleteAllCookiesForClientPage();
+        this.deployer.deploy(RESOURCE_SERVER_ID);
+        
+        try (CloseableHttpClient httpClient = HttpClientBuilder.create().setRedirectStrategy(new LaxRedirectStrategy()).build()) {
+            HttpGet request = new HttpGet(clientPage.toString() + "/unsecured/clean");
+            httpClient.execute(request).close();
+        } 
+    }
+    
+    @After
+    public void afterPhotozExampleAdapterTest() {
+        this.deployer.undeploy(RESOURCE_SERVER_ID);
     }
 
     @Override
@@ -115,655 +134,530 @@ public abstract class AbstractPhotozExampleAdapterTest extends AbstractExampleAd
         importResourceServerSettings();
     }
 
+    private List<ResourceRepresentation> getResourcesOfUser(String username) throws FileNotFoundException {
+        return getAuthorizationResource().resources().resources().stream().filter(resource -> resource.getOwner().getName().equals(username)).collect(Collectors.toList());
+    }
+    
+    private void printUpdatedPolicies() throws FileNotFoundException {
+        log.debug("Check updated policies");
+        for (PolicyRepresentation policy : getAuthorizationResource().policies().policies()) {
+            log.debugf("Policy: {0}", policy.getName());
+            for (String key : policy.getConfig().keySet()) {
+                log.debugf("-- key: {0}, value: {1}", key, policy.getConfig().get(key));
+            }
+        }
+        log.debug("------------------------------");
+    }
+    
     @Test
     public void testUserCanCreateAndDeleteAlbum() throws Exception {
-        try {
-            this.deployer.deploy(RESOURCE_SERVER_ID);
+        loginToClientPage("alice", "alice");
 
-            loginToClientPage("alice", "alice");
-            this.clientPage.createAlbum("Alice Family Album");
+        clientPage.createAlbum("Alice Family Album");
+        log.debug("Check if alice has resources stored");
+        assertThat(getResourcesOfUser("alice"), is(not(empty())));
 
-            List<ResourceRepresentation> resources = getAuthorizationResource().resources().resources();
-            assertFalse(resources.stream().filter(resource -> resource.getOwner().getName().equals("alice")).collect(Collectors.toList()).isEmpty());
-
-            this.clientPage.deleteAlbum("Alice Family Album");
-
-            resources = getAuthorizationResource().resources().resources();
-            assertTrue(resources.stream().filter(resource -> resource.getOwner().getName().equals("alice")).collect(Collectors.toList()).isEmpty());
-        } finally {
-            this.deployer.undeploy(RESOURCE_SERVER_ID);
-        }
+        clientPage.deleteAlbum("Alice Family Album", false);
+        log.debug("Check if alice has resources deleted");
+        assertThat(getResourcesOfUser("alice"), is(empty()));
     }
 
     @Test
     public void createAlbumWithInvalidUser() throws Exception {
-        try {
-            this.deployer.deploy(RESOURCE_SERVER_ID);
+        loginToClientPage("alice", "alice");
 
-            loginToClientPage("alice", "alice");
+        clientPage.createAlbumWithInvalidUser("Alice Family Album");
 
-            clientPage.createAlbumWithInvalidUser("Alice Family Album");
-
-            waitUntilElement(clientPage.getOutput()).text().not().contains("Request was successful");
-            waitUntilElement(clientPage.getOutput()).text().contains("Could not register protected resource");
-        } finally {
-            this.deployer.undeploy(RESOURCE_SERVER_ID);
-        }
+        log.debug("Check if the album was not created.");
+        waitUntilElement(clientPage.getOutput()).text().not().contains("Request was successful");
+        waitUntilElement(clientPage.getOutput()).text().contains("Could not register protected resource");
     }
 
     @Test
     public void testOnlyOwnerCanDeleteAlbum() throws Exception {
-        try {
-            this.deployer.deploy(RESOURCE_SERVER_ID);
-            loginToClientPage("alice", "alice");
-            this.clientPage.createAlbum("Alice-Family-Album");
+        loginToClientPage("alice", "alice");
+        clientPage.createAlbum("Alice-Family-Album");
 
-            loginToClientPage("admin", "admin");
-            this.clientPage.navigateToAdminAlbum();
+        loginToClientPage("admin", "admin");
+        clientPage.navigateToAdminAlbum(false);
 
-            List<ResourceRepresentation> resources = getAuthorizationResource().resources().resources();
-            assertFalse(resources.stream().filter(resource -> resource.getOwner().getName().equals("alice")).collect(Collectors.toList()).isEmpty());
+        log.debug("Check if alice has resources stored");
+        assertThat(getResourcesOfUser("alice"), is(not(empty())));
 
-            for (PolicyRepresentation policy : getAuthorizationResource().policies().policies()) {
-                if ("Delete Album Permission".equals(policy.getName())) {
-                    policy.getConfig().put("applyPolicies", "[\"Only Owner Policy\"]");
-                    getAuthorizationResource().policies().policy(policy.getId()).update(policy);
-                }
+        log.debug("Adding applyPolicies \"Only Owner Policy\" to \"Delete Album Permission\" policies.");
+        for (PolicyRepresentation policy : getAuthorizationResource().policies().policies()) {
+            if ("Delete Album Permission".equals(policy.getName())) {
+                policy.getConfig().put("applyPolicies", "[\"Only Owner Policy\"]");
+                getAuthorizationResource().policies().policy(policy.getId()).update(policy);
             }
-
-            loginToClientPage("admin", "admin");
-
-            this.clientPage.navigateToAdminAlbum();
-            this.clientPage.deleteAlbum("Alice-Family-Album");
-            assertTrue(this.clientPage.wasDenied());
-            resources = getAuthorizationResource().resources().resources();
-            assertFalse(resources.stream().filter(resource -> resource.getOwner().getName().equals("alice")).collect(Collectors.toList()).isEmpty());
-
-            for (PolicyRepresentation policy : getAuthorizationResource().policies().policies()) {
-                if ("Delete Album Permission".equals(policy.getName())) {
-                    policy.getConfig().put("applyPolicies", "[\"Only Owner and Administrators Policy\"]");
-                    getAuthorizationResource().policies().policy(policy.getId()).update(policy);
-                }
-            }
-
-            this.clientPage.navigateToAdminAlbum();
-            this.clientPage.deleteAlbum("Alice-Family-Album");
-            assertFalse(this.clientPage.wasDenied());
-            resources = getAuthorizationResource().resources().resources();
-            assertTrue(resources.stream().filter(resource -> resource.getOwner().getName().equals("alice")).collect(Collectors.toList()).isEmpty());
-        } finally {
-            this.deployer.undeploy(RESOURCE_SERVER_ID);
         }
-    }
+        printUpdatedPolicies();
 
+        loginToClientPage("admin", "admin");
+
+        clientPage.navigateToAdminAlbum(false);
+        clientPage.deleteAlbum("Alice-Family-Album", true);
+        
+        log.debug("Check if alice has resources stored");
+        assertThat(getResourcesOfUser("alice"), is(not(empty())));
+
+        log.debug("Adding applyPolicies \"Only Owner and Administrators Policy\" to \"Delete Album Permission\" policies.");
+        for (PolicyRepresentation policy : getAuthorizationResource().policies().policies()) {
+            if ("Delete Album Permission".equals(policy.getName())) {
+                policy.getConfig().put("applyPolicies", "[\"Only Owner and Administrators Policy\"]");
+                getAuthorizationResource().policies().policy(policy.getId()).update(policy);
+            }
+        }
+        printUpdatedPolicies();
+
+        clientPage.navigateToAdminAlbum(false);
+        clientPage.deleteAlbum("Alice-Family-Album", false);
+        
+        log.debug("Check if alice has resources deleted");
+        assertThat(getResourcesOfUser("alice"), is(empty()));
+    }
+ 
+    
     @Test
     public void testRegularUserCanNotAccessAdminResources() throws Exception {
-        try {
-            this.deployer.deploy(RESOURCE_SERVER_ID);
-
-            loginToClientPage("alice", "alice");
-            this.clientPage.navigateToAdminAlbum();
-            assertTrue(this.clientPage.wasDenied());
-        } finally {
-            this.deployer.undeploy(RESOURCE_SERVER_ID);
-        }
+        loginToClientPage("alice", "alice");
+        clientPage.navigateToAdminAlbum(true);
     }
 
     @Test
     public void testAdminOnlyFromSpecificAddress() throws Exception {
-        try {
-            this.deployer.deploy(RESOURCE_SERVER_ID);
+        loginToClientPage("admin", "admin");
+        clientPage.navigateToAdminAlbum(false);
 
-            loginToClientPage("admin", "admin");
-            this.clientPage.navigateToAdminAlbum();
-            assertFalse(this.clientPage.wasDenied());
-
-            for (PolicyRepresentation policy : getAuthorizationResource().policies().policies()) {
-                if ("Only From a Specific Client Address".equals(policy.getName())) {
-                    String code = policy.getConfig().get("code");
-                    policy.getConfig().put("code", code.replaceAll("127.0.0.1", "127.3.3.3"));
-                    getAuthorizationResource().policies().policy(policy.getId()).update(policy);
-                }
+        log.debug("Changing codes \"127.0.0.1\" to \"127.3.3.3\" of \"Only From a Specific Client Address\" policies.");
+        for (PolicyRepresentation policy : getAuthorizationResource().policies().policies()) {
+            if ("Only From a Specific Client Address".equals(policy.getName())) {
+                String code = policy.getConfig().get("code");
+                policy.getConfig().put("code", code.replaceAll("127.0.0.1", "127.3.3.3"));
+                getAuthorizationResource().policies().policy(policy.getId()).update(policy);
             }
-
-            this.clientPage.navigateToAdminAlbum();
-            assertTrue(this.clientPage.wasDenied());
-        } finally {
-            this.deployer.undeploy(RESOURCE_SERVER_ID);
         }
+        printUpdatedPolicies();
+
+        clientPage.navigateToAdminAlbum(true);
     }
 
     @Test
     public void testAdminWithoutPermissionsToTypedResource() throws Exception {
-        try {
-            this.deployer.deploy(RESOURCE_SERVER_ID);
+        loginToClientPage("alice", "alice");
+        clientPage.createAlbum("Alice Family Album");
+        
+        loginToClientPage("admin", "admin");
+        clientPage.navigateToAdminAlbum(false);
 
-            loginToClientPage("alice", "alice");
-            this.clientPage.createAlbum("Alice Family Album");
+        clientPage.viewAlbum("Alice Family Album", false);
 
-            loginToClientPage("admin", "admin");
-            this.clientPage.navigateToAdminAlbum();
-            assertFalse(this.clientPage.wasDenied());
-
-            this.clientPage.viewAlbum("Alice Family Album");
-            assertFalse(this.clientPage.wasDenied());
-
-            for (PolicyRepresentation policy : getAuthorizationResource().policies().policies()) {
-                if ("Album Resource Permission".equals(policy.getName())) {
-                    policy.getConfig().put("applyPolicies", "[\"Any User Policy\"]");
-                    getAuthorizationResource().policies().policy(policy.getId()).update(policy);
-                }
-                if ("Any User Policy".equals(policy.getName())) {
-                    ClientResource resourceServerClient = getClientResource(RESOURCE_SERVER_ID);
-                    RoleResource manageAlbumRole = resourceServerClient.roles().get("manage-albums");
-                    RoleRepresentation roleRepresentation = manageAlbumRole.toRepresentation();
-                    List<Map> roles = JsonSerialization.readValue(policy.getConfig().get("roles"), List.class);
-
-                    roles = roles.stream().filter(new Predicate<Map>() {
-                        @Override
-                        public boolean test(Map map) {
-                            return !map.get("id").equals(roleRepresentation.getId());
-                        }
-                    }).collect(Collectors.toList());
-
-                    policy.getConfig().put("roles", JsonSerialization.writeValueAsString(roles));
-
-                    getAuthorizationResource().policies().policy(policy.getId()).update(policy);
-                }
+        for (PolicyRepresentation policy : getAuthorizationResource().policies().policies()) {
+            if ("Album Resource Permission".equals(policy.getName())) {
+                policy.getConfig().put("applyPolicies", "[\"Any User Policy\"]");
+                getAuthorizationResource().policies().policy(policy.getId()).update(policy);
             }
+            if ("Any User Policy".equals(policy.getName())) {
+                ClientResource resourceServerClient = getClientResource(RESOURCE_SERVER_ID);
+                RoleResource manageAlbumRole = resourceServerClient.roles().get("manage-albums");
+                RoleRepresentation roleRepresentation = manageAlbumRole.toRepresentation();
+                List<Map> roles = JsonSerialization.readValue(policy.getConfig().get("roles"), List.class);
 
-            this.clientPage.navigateToAdminAlbum();
-            this.clientPage.viewAlbum("Alice Family Album");
-            assertTrue(this.clientPage.wasDenied());
+                roles = roles.stream().filter((Map map) -> !map.get("id").equals(roleRepresentation.getId())).collect(Collectors.toList());
 
-            for (PolicyRepresentation policy : getAuthorizationResource().policies().policies()) {
-                if ("Album Resource Permission".equals(policy.getName())) {
-                    policy.getConfig().put("applyPolicies", "[\"Any User Policy\", \"Administration Policy\"]");
-                    getAuthorizationResource().policies().policy(policy.getId()).update(policy);
-                }
+                policy.getConfig().put("roles", JsonSerialization.writeValueAsString(roles));
+
+                getAuthorizationResource().policies().policy(policy.getId()).update(policy);
             }
-
-            this.clientPage.navigateToAdminAlbum();
-            this.clientPage.viewAlbum("Alice Family Album");
-            assertFalse(this.clientPage.wasDenied());
-
-            this.clientPage.navigateToAdminAlbum();
-            this.clientPage.deleteAlbum("Alice Family Album");
-            List<ResourceRepresentation> resources = getAuthorizationResource().resources().resources();
-            assertTrue(resources.stream().filter(resource -> resource.getOwner().getName().equals("alice")).collect(Collectors.toList()).isEmpty());
-        } finally {
-            this.deployer.undeploy(RESOURCE_SERVER_ID);
         }
+        printUpdatedPolicies();
+
+        clientPage.navigateToAdminAlbum(false);
+        clientPage.viewAlbum("Alice Family Album", true);
+
+        for (PolicyRepresentation policy : getAuthorizationResource().policies().policies()) {
+            if ("Album Resource Permission".equals(policy.getName())) {
+                policy.getConfig().put("applyPolicies", "[\"Any User Policy\", \"Administration Policy\"]");
+                getAuthorizationResource().policies().policy(policy.getId()).update(policy);
+            }
+        }
+        printUpdatedPolicies();
+
+        clientPage.navigateToAdminAlbum(false);
+        clientPage.viewAlbum("Alice Family Album", false);
+
+        clientPage.navigateToAdminAlbum(false);
+        clientPage.deleteAlbum("Alice Family Album", false);
+        assertThat(getResourcesOfUser("alice"), is(empty()));
     }
 
     @Test
     public void testAdminWithoutPermissionsToDeleteAlbum() throws Exception {
-        try {
-            this.deployer.deploy(RESOURCE_SERVER_ID);
+        loginToClientPage("alice", "alice");
+        clientPage.createAlbum("Alice Family Album");
 
-            loginToClientPage("alice", "alice");
-            this.clientPage.createAlbum("Alice Family Album");
+        loginToClientPage("admin", "admin");
+        clientPage.navigateToAdminAlbum(false);
 
-            loginToClientPage("admin", "admin");
-            this.clientPage.navigateToAdminAlbum();
-            assertFalse(this.clientPage.wasDenied());
-
-            this.clientPage.deleteAlbum("Alice Family Album");
-            assertFalse(this.clientPage.wasDenied());
-            List<ResourceRepresentation> resources = getAuthorizationResource().resources().resources();
-            assertTrue(resources.stream().filter(resource -> resource.getOwner().getName().equals("alice")).collect(Collectors.toList()).isEmpty());
-
-            for (PolicyRepresentation policy : getAuthorizationResource().policies().policies()) {
-                if ("Delete Album Permission".equals(policy.getName())) {
-                    policy.getConfig().put("applyPolicies", "[\"Only Owner Policy\"]");
-                    getAuthorizationResource().policies().policy(policy.getId()).update(policy);
-                }
+        clientPage.deleteAlbum("Alice Family Album", false);
+        assertThat(getResourcesOfUser("alice"), is(empty()));
+        
+        for (PolicyRepresentation policy : getAuthorizationResource().policies().policies()) {
+            if ("Delete Album Permission".equals(policy.getName())) {
+                policy.getConfig().put("applyPolicies", "[\"Only Owner Policy\"]");
+                getAuthorizationResource().policies().policy(policy.getId()).update(policy);
             }
-
-            loginToClientPage("alice", "alice");
-            this.clientPage.createAlbum("Alice Family Album");
-
-            loginToClientPage("admin", "admin");
-            this.clientPage.navigateToAdminAlbum();
-            this.clientPage.viewAlbum("Alice Family Album");
-            assertFalse(this.clientPage.wasDenied());
-            resources = getAuthorizationResource().resources().resources();
-            assertFalse(resources.stream().filter(resource -> resource.getOwner().getName().equals("alice")).collect(Collectors.toList()).isEmpty());
-
-            this.clientPage.navigateToAdminAlbum();
-            this.clientPage.deleteAlbum("Alice Family Album");
-            assertTrue(this.clientPage.wasDenied());
-
-            for (PolicyRepresentation policy : getAuthorizationResource().policies().policies()) {
-                if ("Delete Album Permission".equals(policy.getName())) {
-                    policy.getConfig().put("applyPolicies", "[\"Only Owner and Administrators Policy\"]");
-                    getAuthorizationResource().policies().policy(policy.getId()).update(policy);
-                }
-            }
-
-            this.clientPage.navigateToAdminAlbum();
-            this.clientPage.deleteAlbum("Alice Family Album");
-            assertFalse(this.clientPage.wasDenied());
-            resources = getAuthorizationResource().resources().resources();
-            assertTrue(resources.stream().filter(resource -> resource.getOwner().getName().equals("alice")).collect(Collectors.toList()).isEmpty());
-        } finally {
-            this.deployer.undeploy(RESOURCE_SERVER_ID);
         }
+        printUpdatedPolicies();
+
+        loginToClientPage("alice", "alice");
+        clientPage.createAlbum("Alice Family Album");
+
+        loginToClientPage("admin", "admin");
+        clientPage.navigateToAdminAlbum(false);
+        clientPage.viewAlbum("Alice Family Album", false);
+        assertThat(getResourcesOfUser("alice"), is(not(empty())));
+
+        clientPage.navigateToAdminAlbum(false);
+        clientPage.deleteAlbum("Alice Family Album", true);
+
+        for (PolicyRepresentation policy : getAuthorizationResource().policies().policies()) {
+            if ("Delete Album Permission".equals(policy.getName())) {
+                policy.getConfig().put("applyPolicies", "[\"Only Owner and Administrators Policy\"]");
+                getAuthorizationResource().policies().policy(policy.getId()).update(policy);
+            }
+        }
+        printUpdatedPolicies();
+
+        clientPage.navigateToAdminAlbum(false);
+        clientPage.deleteAlbum("Alice Family Album", false);
+        assertThat(getResourcesOfUser("alice"), is(empty()));
     }
 
     @Test
     public void testClientRoleRepresentingUserConsent() throws Exception {
-        try {
-            this.deployer.deploy(RESOURCE_SERVER_ID);
+        loginToClientPage("alice", "alice");
+        clientPage.createAlbum("Alice Family Album");
+        clientPage.viewAlbum("Alice Family Album", false);
 
-            loginToClientPage("alice", "alice");
-            assertFalse(this.clientPage.wasDenied());
-            this.clientPage.createAlbum("Alice Family Album");
-            this.clientPage.viewAlbum("Alice Family Album");
-            assertFalse(this.clientPage.wasDenied());
+        UsersResource usersResource = realmsResouce().realm(REALM_NAME).users();
+        List<UserRepresentation> users = usersResource.search("alice", null, null, null, null, null);
 
-            UsersResource usersResource = realmsResouce().realm(REALM_NAME).users();
-            List<UserRepresentation> users = usersResource.search("alice", null, null, null, null, null);
+        assertFalse(users.isEmpty());
 
-            assertFalse(users.isEmpty());
+        UserRepresentation userRepresentation = users.get(0);
+        UserResource userResource = usersResource.get(userRepresentation.getId());
 
-            UserRepresentation userRepresentation = users.get(0);
-            UserResource userResource = usersResource.get(userRepresentation.getId());
+        ClientResource html5ClientApp = getClientResource("photoz-html5-client");
 
-            ClientResource html5ClientApp = getClientResource("photoz-html5-client");
+        userResource.revokeConsent(html5ClientApp.toRepresentation().getClientId());
 
-            userResource.revokeConsent(html5ClientApp.toRepresentation().getClientId());
+        ClientResource resourceServerClient = getClientResource(RESOURCE_SERVER_ID);
+        RoleResource roleResource = resourceServerClient.roles().get("manage-albums");
+        RoleRepresentation roleRepresentation = roleResource.toRepresentation();
 
-            ClientResource resourceServerClient = getClientResource(RESOURCE_SERVER_ID);
-            RoleResource roleResource = resourceServerClient.roles().get("manage-albums");
-            RoleRepresentation roleRepresentation = roleResource.toRepresentation();
+        roleRepresentation.setScopeParamRequired(true);
 
-            roleRepresentation.setScopeParamRequired(true);
+        roleResource.update(roleRepresentation);
 
-            roleResource.update(roleRepresentation);
+        loginToClientPage("alice", "alice");
+        clientPage.viewAlbum("Alice Family Album", true);
 
-            loginToClientPage("alice", "alice");
-            this.clientPage.viewAlbum("Alice Family Album");
-            assertTrue(this.clientPage.wasDenied());
-
-            loginToClientPage("alice", "alice", RESOURCE_SERVER_ID + "/manage-albums");
-            this.clientPage.viewAlbum("Alice Family Album", false);
-            assertFalse(this.clientPage.wasDenied());
-        } finally {
-            this.deployer.undeploy(RESOURCE_SERVER_ID);
-        }
+        loginToClientPage("alice", "alice", RESOURCE_SERVER_ID + "/manage-albums");
+        clientPage.viewAlbum("Alice Family Album", false);
     }
 
     @Test
     public void testClientRoleNotRequired() throws Exception {
-        try {
-            this.deployer.deploy(RESOURCE_SERVER_ID);
+        loginToClientPage("alice", "alice");
 
-            loginToClientPage("alice", "alice");
+        clientPage.createAlbum("Alice Family Album");
+        clientPage.viewAlbum("Alice Family Album", false);
 
-            assertFalse(this.clientPage.wasDenied());
+        UsersResource usersResource = realmsResouce().realm(REALM_NAME).users();
+        List<UserRepresentation> users = usersResource.search("alice", null, null, null, null, null);
 
-            this.clientPage.createAlbum("Alice Family Album");
-            this.clientPage.viewAlbum("Alice Family Album");
-            assertFalse(this.clientPage.wasDenied());
+        assertFalse(users.isEmpty());
 
-            UsersResource usersResource = realmsResouce().realm(REALM_NAME).users();
-            List<UserRepresentation> users = usersResource.search("alice", null, null, null, null, null);
+        UserRepresentation userRepresentation = users.get(0);
+        UserResource userResource = usersResource.get(userRepresentation.getId());
 
-            assertFalse(users.isEmpty());
+        ClientResource html5ClientApp = getClientResource("photoz-html5-client");
 
-            UserRepresentation userRepresentation = users.get(0);
-            UserResource userResource = usersResource.get(userRepresentation.getId());
+        userResource.revokeConsent(html5ClientApp.toRepresentation().getClientId());
 
-            ClientResource html5ClientApp = getClientResource("photoz-html5-client");
+        ClientResource resourceServerClient = getClientResource(RESOURCE_SERVER_ID);
+        RoleResource manageAlbumRole = resourceServerClient.roles().get("manage-albums");
+        RoleRepresentation roleRepresentation = manageAlbumRole.toRepresentation();
 
-            userResource.revokeConsent(html5ClientApp.toRepresentation().getClientId());
+        roleRepresentation.setScopeParamRequired(true);
 
-            ClientResource resourceServerClient = getClientResource(RESOURCE_SERVER_ID);
-            RoleResource manageAlbumRole = resourceServerClient.roles().get("manage-albums");
-            RoleRepresentation roleRepresentation = manageAlbumRole.toRepresentation();
+        manageAlbumRole.update(roleRepresentation);
 
-            roleRepresentation.setScopeParamRequired(true);
+        loginToClientPage("alice", "alice");
+        clientPage.viewAlbum("Alice Family Album", true);
 
-            manageAlbumRole.update(roleRepresentation);
+        for (PolicyRepresentation policy : getAuthorizationResource().policies().policies()) {
+            if ("Any User Policy".equals(policy.getName())) {
+                List<Map> roles = JsonSerialization.readValue(policy.getConfig().get("roles"), List.class);
 
-            loginToClientPage("alice", "alice");
-            this.clientPage.viewAlbum("Alice Family Album");
-            assertTrue(this.clientPage.wasDenied());
+                roles.forEach(role -> {
+                    String roleId = (String) role.get("id");
+                    if (roleId.equals(manageAlbumRole.toRepresentation().getId())) {
+                        role.put("required", false);
+                    }
+                });
 
-            for (PolicyRepresentation policy : getAuthorizationResource().policies().policies()) {
-                if ("Any User Policy".equals(policy.getName())) {
-                    List<Map> roles = JsonSerialization.readValue(policy.getConfig().get("roles"), List.class);
-
-                    roles.forEach(role -> {
-                        String roleId = (String) role.get("id");
-                        if (roleId.equals(manageAlbumRole.toRepresentation().getId())) {
-                            role.put("required", false);
-                        }
-                    });
-
-                    policy.getConfig().put("roles", JsonSerialization.writeValueAsString(roles));
-                    getAuthorizationResource().policies().policy(policy.getId()).update(policy);
-                }
+                policy.getConfig().put("roles", JsonSerialization.writeValueAsString(roles));
+                getAuthorizationResource().policies().policy(policy.getId()).update(policy);
             }
-
-            loginToClientPage("alice", "alice");
-            this.clientPage.viewAlbum("Alice Family Album");
-            assertFalse(this.clientPage.wasDenied());
-        } finally {
-            this.deployer.undeploy(RESOURCE_SERVER_ID);
         }
+        printUpdatedPolicies();
+
+        loginToClientPage("alice", "alice");
+        clientPage.viewAlbum("Alice Family Album", false);
     }
 
     @Test
     public void testOverridePermissionFromResourceParent() throws Exception {
-        try {
-            this.deployer.deploy(RESOURCE_SERVER_ID);
+        loginToClientPage("alice", "alice");
+        String resourceName = "My Resource Instance";
+        clientPage.createAlbum(resourceName);
 
-            loginToClientPage("alice", "alice");
-            String resourceName = "My Resource Instance";
-            this.clientPage.createAlbum(resourceName);
-            assertFalse(this.clientPage.wasDenied());
+        clientPage.viewAlbum(resourceName, false);
 
-            this.clientPage.viewAlbum(resourceName);
-            assertFalse(this.clientPage.wasDenied());
+        clientPage.navigateTo();
+        clientPage.deleteAlbum(resourceName, false);
 
-            this.clientPage.navigateTo();
-            this.clientPage.deleteAlbum(resourceName);
-            assertFalse(this.clientPage.wasDenied());
+        clientPage.createAlbum(resourceName);
 
-            this.clientPage.createAlbum(resourceName);
+        clientPage.logOut();
+        loginToClientPage("admin", "admin");
 
-            this.clientPage.logOut();
-            loginToClientPage("admin", "admin");
+        clientPage.navigateToAdminAlbum(false);
+        clientPage.viewAlbum(resourceName, false);
 
-            this.clientPage.navigateToAdminAlbum();
-            this.clientPage.viewAlbum(resourceName);
-            assertFalse(this.clientPage.wasDenied());
+        clientPage.navigateToAdminAlbum(false);
+        clientPage.deleteAlbum(resourceName, false);
 
-            this.clientPage.navigateToAdminAlbum();;
-            this.clientPage.deleteAlbum(resourceName);
-            assertFalse(this.clientPage.wasDenied());
+        loginToClientPage("alice", "alice");
+        clientPage.createAlbum(resourceName);
 
-            loginToClientPage("alice", "alice");
-            this.clientPage.createAlbum(resourceName);
-            assertFalse(this.clientPage.wasDenied());
+        getAuthorizationResource().resources().resources().forEach(resource -> {
+            if (resource.getName().equals(resourceName)) {
+                try {
+                    PolicyRepresentation resourceInstancePermission = new PolicyRepresentation();
 
-            getAuthorizationResource().resources().resources().forEach(resource -> {
-                if (resource.getName().equals(resourceName)) {
-                    try {
-                        PolicyRepresentation resourceInstancePermission = new PolicyRepresentation();
+                    resourceInstancePermission.setName(resourceName + "Permission");
+                    resourceInstancePermission.setType("resource");
 
-                        resourceInstancePermission.setName(resourceName + "Permission");
-                        resourceInstancePermission.setType("resource");
+                    Map<String, String> config = new HashMap<>();
 
-                        Map<String, String> config = new HashMap<>();
+                    config.put("resources", JsonSerialization.writeValueAsString(Arrays.asList(resource.getId())));
+                    config.put("applyPolicies", JsonSerialization.writeValueAsString(Arrays.asList("Only Owner Policy")));
 
-                        config.put("resources", JsonSerialization.writeValueAsString(Arrays.asList(resource.getId())));
-                        config.put("applyPolicies", JsonSerialization.writeValueAsString(Arrays.asList("Only Owner Policy")));
-
-                        resourceInstancePermission.setConfig(config);
-                        getAuthorizationResource().policies().create(resourceInstancePermission);
-                    } catch (Exception e) {
-                        throw new RuntimeException("Error creating policy.", e);
-                    }
+                    resourceInstancePermission.setConfig(config);
+                    getAuthorizationResource().policies().create(resourceInstancePermission);
+                } catch (IOException e) {
+                    throw new RuntimeException("Error creating policy.", e);
                 }
-            });
+            }
+        });
+        printUpdatedPolicies();
 
-            loginToClientPage("admin", "admin");
+        loginToClientPage("admin", "admin");
 
-            this.clientPage.navigateToAdminAlbum();
-            this.clientPage.viewAlbum(resourceName);
-            assertTrue(this.clientPage.wasDenied());
+        clientPage.navigateToAdminAlbum(false);
+        clientPage.viewAlbum(resourceName, true);
 
-            this.clientPage.navigateToAdminAlbum();
-            this.clientPage.deleteAlbum(resourceName);
-            assertTrue(this.clientPage.wasDenied());
+        clientPage.navigateToAdminAlbum(false);
+        clientPage.deleteAlbum(resourceName, true);
 
-            loginToClientPage("alice", "alice");
-            this.clientPage.deleteAlbum(resourceName);
-            assertFalse(this.clientPage.wasDenied());
+        loginToClientPage("alice", "alice");
+        clientPage.deleteAlbum(resourceName, false);
 
-            ResourcesResource resourcesResource = getAuthorizationResource().resources();
-            List<ResourceRepresentation> resources = resourcesResource.resources();
-            assertTrue(resources.stream().filter(resource -> resource.getOwner().getName().equals("alice")).collect(Collectors.toList()).isEmpty());
-        } finally {
-            this.deployer.undeploy(RESOURCE_SERVER_ID);
-        }
+        assertThat(getResourcesOfUser("alice"), is(empty()));
     }
 
     @Test
     public void testInheritPermissionFromResourceParent() throws Exception {
-        try {
-            this.deployer.deploy(RESOURCE_SERVER_ID);
+        loginToClientPage("alice", "alice");
 
-            loginToClientPage("alice", "alice");
+        String resourceName = "My Resource Instance";
+        clientPage.createAlbum(resourceName);
 
-            String resourceName = "My Resource Instance";
-            this.clientPage.createAlbum(resourceName);
-            assertFalse(this.clientPage.wasDenied());
+        clientPage.viewAlbum(resourceName, false);
 
-            this.clientPage.viewAlbum(resourceName);
-            assertFalse(this.clientPage.wasDenied());
+        clientPage.navigateTo();
+        clientPage.deleteAlbum(resourceName, false);
 
-            this.clientPage.navigateTo();
-            this.clientPage.deleteAlbum(resourceName);
-            assertFalse(this.clientPage.wasDenied());
+        clientPage.createAlbum(resourceName);
 
-            this.clientPage.createAlbum(resourceName);
+        loginToClientPage("admin", "admin");
 
-            loginToClientPage("admin", "admin");
+        clientPage.navigateToAdminAlbum(false);
+        clientPage.viewAlbum(resourceName, false);
 
-            this.clientPage.navigateToAdminAlbum();
-            this.clientPage.viewAlbum(resourceName);
-            assertFalse(this.clientPage.wasDenied());
+        clientPage.navigateToAdminAlbum(false);
+        clientPage.deleteAlbum(resourceName, false);
 
-            this.clientPage.navigateToAdminAlbum();;
-            this.clientPage.deleteAlbum(resourceName);
-            assertFalse(this.clientPage.wasDenied());
+        loginToClientPage("alice", "alice");
+        clientPage.createAlbum(resourceName);
 
-            loginToClientPage("alice", "alice");
-            this.clientPage.createAlbum(resourceName);
-            assertFalse(this.clientPage.wasDenied());
+        ResourcesResource resourcesResource = getAuthorizationResource().resources();
+        resourcesResource.resources().forEach(resource -> {
+            if (resource.getName().equals(resourceName)) {
+                try {
+                    PolicyRepresentation resourceInstancePermission = new PolicyRepresentation();
 
-            ResourcesResource resourcesResource = getAuthorizationResource().resources();
-            resourcesResource.resources().forEach(resource -> {
-                if (resource.getName().equals(resourceName)) {
-                    try {
-                        PolicyRepresentation resourceInstancePermission = new PolicyRepresentation();
+                    resourceInstancePermission.setName(resourceName + "Permission");
+                    resourceInstancePermission.setType("resource");
 
-                        resourceInstancePermission.setName(resourceName + "Permission");
-                        resourceInstancePermission.setType("resource");
+                    Map<String, String> config = new HashMap<>();
 
-                        Map<String, String> config = new HashMap<>();
+                    config.put("resources", JsonSerialization.writeValueAsString(Arrays.asList(resource.getId())));
+                    config.put("applyPolicies", JsonSerialization.writeValueAsString(Arrays.asList("Only Owner Policy")));
 
-                        config.put("resources", JsonSerialization.writeValueAsString(Arrays.asList(resource.getId())));
-                        config.put("applyPolicies", JsonSerialization.writeValueAsString(Arrays.asList("Only Owner Policy")));
-
-                        resourceInstancePermission.setConfig(config);
-                        getAuthorizationResource().policies().create(resourceInstancePermission);
-                    } catch (Exception e) {
-                        throw new RuntimeException("Error creating policy.", e);
-                    }
+                    resourceInstancePermission.setConfig(config);
+                    getAuthorizationResource().policies().create(resourceInstancePermission);
+                } catch (IOException e) {
+                    throw new RuntimeException("Error creating policy.", e);
                 }
-            });
+            }
+        });
 
-            loginToClientPage("admin", "admin");
+        loginToClientPage("admin", "admin");
 
-            this.clientPage.navigateToAdminAlbum();
-            this.clientPage.viewAlbum(resourceName);
-            assertTrue(this.clientPage.wasDenied());
+        clientPage.navigateToAdminAlbum(false);
+        clientPage.viewAlbum(resourceName, true);
 
-            this.clientPage.navigateToAdminAlbum();
-            this.clientPage.deleteAlbum(resourceName);
-            assertTrue(this.clientPage.wasDenied());
+        clientPage.navigateToAdminAlbum(false);
+        clientPage.deleteAlbum(resourceName, true);
 
-            resourcesResource.resources().forEach(resource -> {
-                if (resource.getName().equals(resourceName)) {
-                    resource.setScopes(resource.getScopes().stream().filter(scope -> !scope.getName().equals("album:view")).collect(Collectors.toSet()));
-                    resourcesResource.resource(resource.getId()).update(resource);
-                }
-            });
+        resourcesResource.resources().forEach(resource -> {
+            if (resource.getName().equals(resourceName)) {
+                resource.setScopes(resource.getScopes().stream().filter(scope -> !scope.getName().equals("album:view")).collect(Collectors.toSet()));
+                resourcesResource.resource(resource.getId()).update(resource);
+            }
+        });
 
-            loginToClientPage("admin", "admin");
+        loginToClientPage("admin", "admin");
 
-            this.clientPage.navigateToAdminAlbum();
-            this.clientPage.viewAlbum(resourceName);
-            assertFalse(this.clientPage.wasDenied());
+        clientPage.navigateToAdminAlbum(false);
+        clientPage.viewAlbum(resourceName, false);
 
-            this.clientPage.navigateToAdminAlbum();
-            this.clientPage.deleteAlbum(resourceName);
-            assertTrue(this.clientPage.wasDenied());
+        clientPage.navigateToAdminAlbum(false);
+        clientPage.deleteAlbum(resourceName, true);
 
-            loginToClientPage("alice", "alice");
-            this.clientPage.deleteAlbum(resourceName);
-            assertFalse(this.clientPage.wasDenied());
-            List<ResourceRepresentation> resources = resourcesResource.resources();
-            assertTrue(resources.stream().filter(resource -> resource.getOwner().getName().equals("alice")).collect(Collectors.toList()).isEmpty());
+        loginToClientPage("alice", "alice");
+        clientPage.deleteAlbum(resourceName, false);
+        List<ResourceRepresentation> resources = resourcesResource.resources();
+        assertTrue(resources.stream().filter(resource -> resource.getOwner().getName().equals("alice")).collect(Collectors.toList()).isEmpty());
 
-            resourcesResource.resources().forEach(resource -> {
-                if (resource.getName().equals(resourceName)) {
-                    resource.setScopes(Collections.emptySet());
-                    resourcesResource.resource(resource.getId()).update(resource);
-                }
-            });
-        } finally {
-            this.deployer.undeploy(RESOURCE_SERVER_ID);
-        }
+        resourcesResource.resources().forEach(resource -> {
+            if (resource.getName().equals(resourceName)) {
+                resource.setScopes(Collections.emptySet());
+                resourcesResource.resource(resource.getId()).update(resource);
+            }
+        });
     }
     
     //KEYCLOAK-3777
     @Test
     public void testEntitlementRequest() throws Exception {
-        try {
-            this.deployer.deploy(RESOURCE_SERVER_ID);
-            
-            clientPage.navigateTo();
-            loginToClientPage("admin", "admin");
+        clientPage.navigateTo();
+        loginToClientPage("admin", "admin");
 
-            clientPage.requestEntitlements();
-            assertTrue(driver.getPageSource().contains("admin:manage"));
-            
-            clientPage.requestEntitlement();
-            String pageSource = driver.getPageSource();
-            assertTrue(pageSource.contains("album:view"));
-            assertTrue(pageSource.contains("album:delete"));
-        } finally {
-            this.deployer.undeploy(RESOURCE_SERVER_ID);
-        }
+        clientPage.requestEntitlements();
+        assertTrue(driver.getPageSource().contains("admin:manage"));
+
+        clientPage.requestEntitlement();
+        String pageSource = driver.getPageSource();
+        assertTrue(pageSource.contains("album:view"));
+        assertTrue(pageSource.contains("album:delete"));
     }
 
     @Test
     public void testResourceProtectedWithAnyScope() throws Exception {
-        try {
-            this.deployer.deploy(RESOURCE_SERVER_ID);
-            loginToClientPage("alice", "alice");
-            this.clientPage.requestResourceProtectedAllScope();
-            assertTrue(this.clientPage.wasDenied());
-            this.clientPage.requestResourceProtectedAnyScope();
-            assertFalse(this.clientPage.wasDenied());
-        } finally {
-            this.deployer.undeploy(RESOURCE_SERVER_ID);
-        }
+        loginToClientPage("alice", "alice");
+        clientPage.requestResourceProtectedAllScope(true);
+        clientPage.requestResourceProtectedAnyScope(false);
     }
 
     @Test
     public void testRequestResourceToOwner() throws Exception {
-        try {
-            this.deployer.deploy(RESOURCE_SERVER_ID);
-            loginToClientPage("alice", "alice");
-            this.clientPage.createAlbum("Alice-Family-Album", true);
+        loginToClientPage("alice", "alice");
+        clientPage.createAlbum("Alice-Family-Album", true);
 
-            loginToClientPage("jdoe", "jdoe");
-            this.clientPage.viewAllAlbums();
-            this.clientPage.viewAlbum("Alice-Family-Album");
-            assertTrue(this.clientPage.wasDenied());
-            this.clientPage.navigateTo();
-            this.clientPage.viewAllAlbums();
-            this.clientPage.deleteAlbum("Alice-Family-Album");
-            assertTrue(this.clientPage.wasDenied());
+        loginToClientPage("jdoe", "jdoe");
+        clientPage.viewAllAlbums();
+        clientPage.viewAlbum("Alice-Family-Album", true);
+        clientPage.navigateTo();
+        clientPage.viewAllAlbums();
+        clientPage.deleteAlbum("Alice-Family-Album", true);
 
-            loginToClientPage("alice", "alice");
-            this.clientPage.accountGrantResource("Alice-Family-Album", "jdoe");
+        loginToClientPage("alice", "alice");
+        clientPage.accountGrantResource("Alice-Family-Album", "jdoe");
 
-            loginToClientPage("jdoe", "jdoe");
-            this.clientPage.viewAllAlbums();
-            this.clientPage.viewAlbum("Alice-Family-Album");
-            assertFalse(this.clientPage.wasDenied());
-            this.clientPage.navigateTo();
-            this.clientPage.viewAllAlbums();
-            this.clientPage.deleteAlbum("Alice-Family-Album");
-            assertFalse(this.clientPage.wasDenied());
+        loginToClientPage("jdoe", "jdoe");
+        clientPage.viewAllAlbums();
+        clientPage.viewAlbum("Alice-Family-Album", false);
+        clientPage.navigateTo();
+        clientPage.viewAllAlbums();
+        clientPage.deleteAlbum("Alice-Family-Album", false);
 
-            loginToClientPage("alice", "alice");
-            this.clientPage.createAlbum("Alice-Family-Album", true);
+        loginToClientPage("alice", "alice");
+        clientPage.createAlbum("Alice-Family-Album", true);
 
-            loginToClientPage("jdoe", "jdoe");
-            this.clientPage.viewAllAlbums();
-            this.clientPage.viewAlbum("Alice-Family-Album");
-            assertTrue(this.clientPage.wasDenied());
-            this.clientPage.navigateTo();
-            this.clientPage.viewAllAlbums();
-            this.clientPage.deleteAlbum("Alice-Family-Album");
-            assertTrue(this.clientPage.wasDenied());
+        loginToClientPage("jdoe", "jdoe");
+        clientPage.viewAllAlbums();
+        clientPage.viewAlbum("Alice-Family-Album", true);
+        clientPage.navigateTo();
+        clientPage.viewAllAlbums();
+        clientPage.deleteAlbum("Alice-Family-Album", true);
 
-            loginToClientPage("alice", "alice");
-            this.clientPage.accountGrantRemoveScope("Alice-Family-Album", "jdoe", "album:delete");
-            this.clientPage.accountGrantResource("Alice-Family-Album", "jdoe");
+        loginToClientPage("alice", "alice");
+        clientPage.accountGrantRemoveScope("Alice-Family-Album", "jdoe", "album:delete");
+        clientPage.accountGrantResource("Alice-Family-Album", "jdoe");
 
-            loginToClientPage("jdoe", "jdoe");
-            this.clientPage.viewAllAlbums();
-            this.clientPage.viewAlbum("Alice-Family-Album");
-            assertFalse(this.clientPage.wasDenied());
-            this.clientPage.navigateTo();
-            this.clientPage.viewAllAlbums();
-            this.clientPage.deleteAlbum("Alice-Family-Album");
-            assertTrue(this.clientPage.wasDenied());
-        } finally {
-            this.deployer.undeploy(RESOURCE_SERVER_ID);
-        }
+        loginToClientPage("jdoe", "jdoe");
+        clientPage.viewAllAlbums();
+        clientPage.viewAlbum("Alice-Family-Album", false);
+        clientPage.navigateTo();
+        clientPage.viewAllAlbums();
+        clientPage.deleteAlbum("Alice-Family-Album", true);
     }
 
     @Test
     public void testOwnerSharingResource() throws Exception {
-        try {
-            this.deployer.deploy(RESOURCE_SERVER_ID);
-            loginToClientPage("alice", "alice");
-            this.clientPage.createAlbum("Alice-Family-Album", true);
-            this.clientPage.accountShareResource("Alice-Family-Album", "jdoe");
+        loginToClientPage("alice", "alice");
+        clientPage.createAlbum("Alice-Family-Album", true);
+        clientPage.accountShareResource("Alice-Family-Album", "jdoe");
 
-            loginToClientPage("jdoe", "jdoe");
-            this.clientPage.viewAllAlbums();
-            this.clientPage.viewAlbum("Alice-Family-Album");
-            assertFalse(this.clientPage.wasDenied());
-            this.clientPage.navigateTo();
-            this.clientPage.viewAllAlbums();
-            this.clientPage.deleteAlbum("Alice-Family-Album");
-            assertFalse(this.clientPage.wasDenied());
+        loginToClientPage("jdoe", "jdoe");
+        clientPage.viewAllAlbums();
+        clientPage.viewAlbum("Alice-Family-Album", false);
+        clientPage.navigateTo();
+        clientPage.viewAllAlbums();
+        clientPage.deleteAlbum("Alice-Family-Album", false);
 
-            loginToClientPage("alice", "alice");
-            this.clientPage.createAlbum("Alice-Family-Album", true);
-            this.clientPage.accountShareRemoveScope("Alice-Family-Album", "jdoe", "album:delete");
+        loginToClientPage("alice", "alice");
+        clientPage.createAlbum("Alice-Family-Album", true);
+        clientPage.accountShareRemoveScope("Alice-Family-Album", "jdoe", "album:delete");
 
-            loginToClientPage("jdoe", "jdoe");
-            this.clientPage.viewAllAlbums();
-            this.clientPage.viewAlbum("Alice-Family-Album");
-            assertFalse(this.clientPage.wasDenied());
-            this.clientPage.navigateTo();
-            this.clientPage.viewAllAlbums();
-            this.clientPage.deleteAlbum("Alice-Family-Album");
-            assertTrue(this.clientPage.wasDenied());
+        loginToClientPage("jdoe", "jdoe");
+        clientPage.viewAllAlbums();
+        clientPage.viewAlbum("Alice-Family-Album", false);
+        clientPage.navigateTo();
+        clientPage.viewAllAlbums();
+        clientPage.deleteAlbum("Alice-Family-Album", true);
 
-            loginToClientPage("alice", "alice");
-            this.clientPage.accountRevokeResource("Alice-Family-Album", "jdoe");
+        loginToClientPage("alice", "alice");
+        clientPage.accountRevokeResource("Alice-Family-Album", "jdoe");
 
-            loginToClientPage("jdoe", "jdoe");
-            this.clientPage.viewAllAlbums();
-            this.clientPage.viewAlbum("Alice-Family-Album");
-            assertTrue(this.clientPage.wasDenied());
-        } finally {
-            this.deployer.undeploy(RESOURCE_SERVER_ID);
-        }
+        loginToClientPage("jdoe", "jdoe");
+        clientPage.viewAllAlbums();
+        clientPage.viewAlbum("Alice-Family-Album", true);
     }
 
     private void importResourceServerSettings() throws FileNotFoundException {
@@ -791,6 +685,7 @@ public abstract class AbstractPhotozExampleAdapterTest extends AbstractExampleAd
     }
 
     private void loginToClientPage(String username, String password, String... scopes) throws InterruptedException {
+        log.debugf("--logging in as {0} with password: {1}; scopes: {2}", username, password, Arrays.toString(scopes));
         // We need to log out by deleting cookies because the log out button sometimes doesn't work in PhantomJS
         deleteAllCookiesForTestRealm();
         clientPage.navigateTo();
diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml b/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml
index 2b5c24f8c1..e6486a2562 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml
+++ b/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml
@@ -45,6 +45,10 @@
         <property name="chromeArguments">${chromeArguments}</property>
     </extension>
 
+    <extension qualifier="drone">
+       <property name="instantiationTimeoutInSeconds">${droneInstantiationTimeoutInSeconds}</property>
+    </extension>
+    
     <extension qualifier="graphene">
         <property name="waitGuiInterval">5</property>
         <property name="waitAjaxInterval">5</property>
diff --git a/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly/src/test/java/org/keycloak/testsuite/adapter/example/authorization/WildflyPhotozExampleAdapterTest.java b/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly/src/test/java/org/keycloak/testsuite/adapter/example/authorization/WildflyPhotozExampleAdapterTest.java
index f35217c719..42cde44ab3 100644
--- a/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly/src/test/java/org/keycloak/testsuite/adapter/example/authorization/WildflyPhotozExampleAdapterTest.java
+++ b/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly/src/test/java/org/keycloak/testsuite/adapter/example/authorization/WildflyPhotozExampleAdapterTest.java
@@ -16,7 +16,6 @@
  */
 package org.keycloak.testsuite.adapter.example.authorization;
 
-import org.keycloak.testsuite.adapter.example.authorization.AbstractPhotozExampleAdapterTest;
 import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
 
 /**
diff --git a/testsuite/integration-arquillian/tests/pom.xml b/testsuite/integration-arquillian/tests/pom.xml
index 04a95833e5..95d2aaf741 100755
--- a/testsuite/integration-arquillian/tests/pom.xml
+++ b/testsuite/integration-arquillian/tests/pom.xml
@@ -102,6 +102,7 @@
 
         <browser>htmlUnit</browser>
         <webdriverDownloadBinaries>true</webdriverDownloadBinaries>
+        <droneInstantiationTimeoutInSeconds>60</droneInstantiationTimeoutInSeconds>
         <github.username/>
         <github.secretToken/>
         <ieDriverArch/>
@@ -278,6 +279,7 @@
                             <js.chromeArguments>${js.chromeArguments}</js.chromeArguments>
                             <htmlUnitBrowserVersion>${htmlUnitBrowserVersion}</htmlUnitBrowserVersion>
                             <webdriverDownloadBinaries>${webdriverDownloadBinaries}</webdriverDownloadBinaries>
+                            <droneInstantiationTimeoutInSeconds>${droneInstantiationTimeoutInSeconds}</droneInstantiationTimeoutInSeconds>
 
                             <github.username>${github.username}</github.username>
                             <github.secretToken>${github.secretToken}</github.secretToken>